Deny third-party cookie creation for prevalent resources without interaction
[WebKit-https.git] / Source / WebCore / platform / network / NetworkStorageSession.h
1 /*
2  * Copyright (C) 2012-2017 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #pragma once
27
28 #include "CredentialStorage.h"
29 #include <pal/SessionID.h>
30 #include <wtf/Function.h>
31 #include <wtf/HashSet.h>
32 #include <wtf/text/WTFString.h>
33
34 #if PLATFORM(COCOA) || USE(CFURLCONNECTION)
35 #include <pal/spi/cf/CFNetworkSPI.h>
36 #include <wtf/RetainPtr.h>
37 #endif
38
39 #if USE(SOUP)
40 #include <wtf/Function.h>
41 #include <wtf/glib/GRefPtr.h>
42 typedef struct _SoupCookieJar SoupCookieJar;
43 #endif
44
45 #ifdef __OBJC__
46 #include <objc/objc.h>
47 #endif
48
49 #if PLATFORM(COCOA)
50 #include "CookieStorageObserver.h"
51 #endif
52
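namespace WebCore {

class NetworkingContext;
class ResourceRequest;
class SoupNetworkSession;

struct Cookie;

// Holds the network storage state that belongs to one PAL::SessionID: the platform
// cookie store, a CredentialStorage and the cache storage directory. Instances are
// owned by a process-wide map (see globalSessionMap()). Which backend members exist
// is chosen at compile time: CFNetwork, libsoup, or a NetworkingContext fallback.
class NetworkStorageSession {
    WTF_MAKE_NONCOPYABLE(NetworkStorageSession); WTF_MAKE_FAST_ALLOCATED;
public:
    // Session registry. storageSession() returns a pointer, not a reference.
    // NOTE(review): presumably null when no session is registered for the ID, so
    // callers should check before dereferencing; confirm against the implementation.
    WEBCORE_EXPORT static NetworkStorageSession& defaultStorageSession();
    WEBCORE_EXPORT static NetworkStorageSession* storageSession(PAL::SessionID);
    WEBCORE_EXPORT static void ensurePrivateBrowsingSession(PAL::SessionID, const String& identifierBase = String());
    WEBCORE_EXPORT static void ensureSession(PAL::SessionID, const String& identifierBase = String());
    WEBCORE_EXPORT static void destroySession(PAL::SessionID);
    // Invokes the callback with each registered session (const access only).
    WEBCORE_EXPORT static void forEach(const WTF::Function<void(const WebCore::NetworkStorageSession&)>&);

    // Test support; the name suggests it swaps in a fresh session for testing.
    WEBCORE_EXPORT static void switchToNewTestingSession();

    PAL::SessionID sessionID() const { return m_sessionID; }
    // Returns a mutable reference to this session's credential store.
    CredentialStorage& credentialStorage() { return m_credentialStorage; }

#ifdef __OBJC__
    NSHTTPCookieStorage *nsCookieStorage() const;
#endif

    const String& cacheStorageDirectory() const { return m_cacheStorageDirectory; }
    // Takes ownership of the path string; no validation is visible in this header.
    void setCacheStorageDirectory(String&& path) { m_cacheStorageDirectory = WTFMove(path); }

#if PLATFORM(COCOA) || USE(CFURLCONNECTION)
    WEBCORE_EXPORT static void ensureSession(PAL::SessionID, const String& identifierBase, RetainPtr<CFHTTPCookieStorageRef>&&);
    NetworkStorageSession(PAL::SessionID, RetainPtr<CFURLStorageSessionRef>&&, RetainPtr<CFHTTPCookieStorageRef>&&);

    // May be null, in which case a Foundation default should be used.
    CFURLStorageSessionRef platformSession() { return m_platformSession.get(); }
    WEBCORE_EXPORT RetainPtr<CFHTTPCookieStorageRef> cookieStorage() const;
    // Static, so the setting is process-wide rather than per session.
    WEBCORE_EXPORT static void setCookieStoragePartitioningEnabled(bool);
#if HAVE(CFNETWORK_STORAGE_PARTITIONING)
    // Third-party cookie policy. The request-based overloads are the exported entry
    // points: cookieStoragePartition() yields the partition string for a request and
    // shouldBlockCookies() reports whether cookies are to be denied for it.
    // NOTE(review): both are presumably decided from the two prevalent-domain sets
    // declared in the private section; confirm in the implementation file.
    WEBCORE_EXPORT String cookieStoragePartition(const ResourceRequest&) const;
    WEBCORE_EXPORT bool shouldBlockCookies(const ResourceRequest&) const;
    String cookieStoragePartition(const URL& firstPartyForCookies, const URL& resource) const;
    // Updates the prevalent-domain sets. NOTE(review): clearFirst presumably empties
    // both sets before inserting. The private helpers look domains up by their top
    // privately controlled domain, so callers presumably must pass that same
    // normalized form here; a mismatch would make the lookup miss and the request
    // would fall through to the default policy. Confirm both against the callers.
    WEBCORE_EXPORT void setPrevalentDomainsWithAndWithoutInteraction(const Vector<String>& domainsWithInteraction, const Vector<String>& domainsWithoutInteraction, bool clearFirst);
    WEBCORE_EXPORT void removePrevalentDomains(const Vector<String>& domains);
#endif
#elif USE(SOUP)
    NetworkStorageSession(PAL::SessionID, std::unique_ptr<SoupNetworkSession>&&);
    ~NetworkStorageSession();

    // Non-creating accessor; returns whatever m_session currently holds.
    SoupNetworkSession* soupNetworkSession() const { return m_session.get(); }
    SoupNetworkSession& getOrCreateSoupNetworkSession() const;
    void clearSoupNetworkSessionAndCookieStorage();
    SoupCookieJar* cookieStorage() const;
    void setCookieStorage(SoupCookieJar*);
    void setCookieObserverHandler(Function<void ()>&&);
    // Persistent credential lookup and save. The result of a lookup is delivered
    // through completionHandler rather than returned.
    void getCredentialFromPersistentStorage(const ProtectionSpace&, Function<void (Credential&&)> completionHandler);
    void saveCredentialToPersistentStorage(const ProtectionSpace&, const Credential&);
#else
    NetworkStorageSession(PAL::SessionID, NetworkingContext*);
    ~NetworkStorageSession();

    NetworkingContext* context() const;
#endif

    // Cookie store operations, available on every backend.
    WEBCORE_EXPORT void setCookie(const Cookie&);
    // The first URL parameter is unnamed in this declaration; presumably the URL the
    // cookies are being set for, with mainDocumentURL as the first party. Confirm.
    WEBCORE_EXPORT void setCookies(const Vector<Cookie>&, const URL&, const URL& mainDocumentURL);
    WEBCORE_EXPORT void deleteCookie(const Cookie&);
    WEBCORE_EXPORT Vector<Cookie> getAllCookies();
    WEBCORE_EXPORT Vector<Cookie> getCookies(const URL&);
    WEBCORE_EXPORT void flushCookieStore();

private:
    // Process-wide registry that owns every non-default session by SessionID.
    static HashMap<PAL::SessionID, std::unique_ptr<NetworkStorageSession>>& globalSessionMap();
    PAL::SessionID m_sessionID;

#if PLATFORM(COCOA) || USE(CFURLCONNECTION)
    RetainPtr<CFURLStorageSessionRef> m_platformSession;
    RetainPtr<CFHTTPCookieStorageRef> m_platformCookieStorage;
#elif USE(SOUP)
    static void cookiesDidChange(NetworkStorageSession*);

    // mutable: written from the const getOrCreateSoupNetworkSession(), presumably on
    // first use.
    mutable std::unique_ptr<SoupNetworkSession> m_session;
    GRefPtr<SoupCookieJar> m_cookieStorage;
    Function<void ()> m_cookieObserverHandler;
#if USE(LIBSECRET)
    // "persisent" (sic): spelling kept because these names are referenced outside
    // this header. NOTE(review): only one handler and one cancellable are stored, so
    // overlapping persistent-storage lookups presumably replace or cancel the earlier
    // one; confirm in the implementation.
    Function<void (Credential&&)> m_persisentStorageCompletionHandler;
    GRefPtr<GCancellable> m_persisentStorageCancellable;
#endif
#else
    RefPtr<NetworkingContext> m_context;
#endif

    CredentialStorage m_credentialStorage;

    String m_cacheStorageDirectory;

#if HAVE(CFNETWORK_STORAGE_PARTITIONING)
    // Policy helpers keyed by top privately controlled domain, and the two sets of
    // prevalent domains they consult: those without and those with user interaction.
    bool shouldPartitionCookies(const String& topPrivatelyControlledDomain) const;
    bool shouldAllowThirdPartyCookies(const String& topPrivatelyControlledDomain) const;
    HashSet<String> m_prevalentTopPrivatelyControlledDomainsWithoutInteraction;
    HashSet<String> m_prevalentTopPrivatelyControlledDomainsWithInteraction;
#endif

#if PLATFORM(COCOA)
public:
    CookieStorageObserver& cookieStorageObserver() const;

private:
    // mutable: the const accessor above returns a reference, so the observer is
    // presumably created lazily on first call.
    mutable RefPtr<CookieStorageObserver> m_cookieStorageObserver;
#endif
};

#if PLATFORM(COCOA)
// Creates a private CFURLStorageSession for the given identifier. The Create-style
// name suggests the caller owns the returned reference; confirm at call sites.
WEBCORE_EXPORT CFURLStorageSessionRef createPrivateStorageSession(CFStringRef identifier);
#endif

} // namespace WebCore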